Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid HTTS User Certificates

    Scheduled Pinned Locked Moved Firewalling
    4 Posts 2 Posters 495 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mansi
      last edited by

      Hi, I have Squid and SquidGuard configured and running in PFsense 2.4.4 with HTTPS filtering,
      I have installed the certificates on Windows and everything works.
      I have the problem at www where they use personal or business certificates such as www from the state to view private information or perform some paperwork.
      The www should ask for the certificate installed in each client, but it does not ask for it or it gives an error 403 .... without HTTPS filter it worked well ...
      I imagine this has to be a global problem, what can be the solution?
      Thank you.

      08a310e9-3ba3-4e22-94f9-f26424ca4525-image.png

      1 Reply Last reply Reply Quote 0
      • KOMK Offline
        KOM
        last edited by

        While I don't fully understand your problem, your description is not how https works. The website does not reach out to the client and get a certificate from the client. You have it entirely backwards. You request from squid and squid gives you its certificate. Squid requests from the website. The website responds with its certificate and squid checks if it's valid, then squid passes the page contents to you. If it is working everywhere else except this one site, then the problem is with that one site. Perhaps they have an in valid certificate? I don't know as I can't read that text of the error and I'm not going to type all that into a translator.

        M 1 Reply Last reply Reply Quote 0
        • M Offline
          mansi @KOM
          last edited by

          @KOM Thanks!!
          I know it's not very well explained.
          But the problem is on the web where a personal or business certificate is used, in my country these certificates will be used to make official procedures,
          The problem with Squid HTTPS, these websites do not get to ask me for the personal or company certificate, they fail.
          I have made it work by adding an ALIASES to the websites that give me an error and adding the ALIAS to the Proxy Bypass ...
          Thanks!!!

          1 Reply Last reply Reply Quote 1
          • KOMK Offline
            KOM
            last edited by

            Ah, now I understand. I'm not from a country that enforces user certs for dealing with government.

            Glad to hear you got it working now.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.